feat(environment): Add prod configuration

Makefile

@@ -4,4 +4,13 @@ dev:
 	kubectl apply -k environments/dev --prune=true --all
 
 prod:
-	kubectl apply -k environments/prod --prune=true --all
+	kubectl taint node -l type=outbound type=services:NoSchedule --overwrite
+	kubectl apply -k environments/prod/bootstrap --all
+	kubectl apply -k environments/prod --all
+
+monitor:
+	kubectl apply -f nginx/external/servicemonitor.yaml
+	kubectl apply -f nginx/internal/servicemonitor.yaml
+	kubectl apply -f argo/servicemonitor.yaml
+	kubectl apply -f cloudnativepg/podmonitor.yaml
+

environments/dev/bootstrap/kustomization.yaml

@@ -3,16 +3,16 @@ kind: Kustomization
 
 resources:
   # MetalLB installation and configuration
-  - https://raw.githubusercontent.com/metallb/metallb/v0.13.7/config/manifests/metallb-native.yaml
+- github.com/metallb/metallb/config/native?ref=v0.14.3
   # Traefik CRD
-  - https://raw.githubusercontent.com/traefik/traefik/v2.9/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml
-  - https://raw.githubusercontent.com/traefik/traefik/v2.9/docs/content/reference/dynamic-configuration/kubernetes-crd-rbac.yml
+- https://raw.githubusercontent.com/traefik/traefik/v2.9/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml
+- https://raw.githubusercontent.com/traefik/traefik/v2.9/docs/content/reference/dynamic-configuration/kubernetes-crd-rbac.yml
   # Longhorn CRD
-  - https://raw.githubusercontent.com/longhorn/longhorn/v1.5.2/deploy/longhorn.yaml
+- https://raw.githubusercontent.com/longhorn/longhorn/v1.7.2/deploy/longhorn.yaml
   # SOPS secrets operator CRDs
-  - https://raw.githubusercontent.com/isindir/sops-secrets-operator/master/config/crd/bases/isindir.github.com_sopssecrets.yaml
+- https://raw.githubusercontent.com/isindir/sops-secrets-operator/master/config/crd/bases/isindir.github.com_sopssecrets.yaml
   # Install CoudNativePG operator
-  - https://raw.githubusercontent.com/cloudnative-pg/cloudnative-pg/release-1.20/releases/cnpg-1.19.1.yaml
+- https://raw.githubusercontent.com/cloudnative-pg/cloudnative-pg/release-1.20/releases/cnpg-1.19.1.yaml
 
-patchesStrategicMerge:
-  - ./metallb-patch.yaml
+patches:
+- path: ./metallb-patch.yaml

environments/dev/kustomization.yaml

@@ -1,22 +1,18 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 
-resources:
   # MetalLB configuration
-  - ../../metallb
   # Miscellanous basic configuration
-  - ../../res
   # NFS client configuration
-  - ../../nfs-provisioner
   # Longhorn installation and configuration
-  - ../../longhorn
   # SOPS operator for secret management on the fly
-  - ../../sops-operator
   # Traefik configuration
-  - ../../traefik
   # Argo installation and configuration
-  - ../../argo
-
-patchesStrategicMerge:
-  #- ../../environments/dev/traefik-internal-service.yaml
-  #- ../../environments/dev/traefik-external-service.yaml
+resources:
+- ../../metallb
+- ../../res
+- ../../nfs-provisioner
+- ../../longhorn
+- ../../sops-operator
+- ../../traefik
+- ../../argo

environments/dev/postgres-operator-patch.yaml

@@ -1,13 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: postgres-operator-ui
-  namespace: default
-spec:
-  template:
-    spec:
-      containers:
-        - name: "service"
-          env:
-            - name: "TARGET_NAMESPACE"
-              value: "*"

environments/dev/traefik-internal-service.yaml

@@ -4,4 +4,4 @@ metadata:
   name: traefik-internal
   namespace: default
 spec:
-  loadBalancerIP: 10.10.0.26
+  loadBalancerIP: 10.10.0.35

environments/prod/bootstrap/kustomization.yaml

@@ -0,0 +1,20 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+  # MetalLB installation and configuration
+- github.com/metallb/metallb/config/native?ref=v0.14.3
+  # Traefik CRD
+  #- https://raw.githubusercontent.com/traefik/traefik/v3.2/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml
+  #- https://raw.githubusercontent.com/traefik/traefik/v3.2/docs/content/reference/dynamic-configuration/kubernetes-crd-rbac.yml
+  # Cert manager CRD
+- https://github.com/cert-manager/cert-manager/releases/download/v1.16.1/cert-manager.crds.yaml
+  # Longhorn CRD
+- https://raw.githubusercontent.com/longhorn/longhorn/v1.7.2/deploy/longhorn.yaml
+  # SOPS secrets operator CRDs
+- https://raw.githubusercontent.com/isindir/sops-secrets-operator/master/config/crd/bases/isindir.github.com_sopssecrets.yaml
+  # Install CoudNativePG operator
+- https://github.com/cloudnative-pg/cloudnative-pg/raw/refs/heads/main/releases/cnpg-1.24.1.yaml
+
+patches:
+- path: ./metallb-patch.yaml

environments/prod/bootstrap/metallb-patch.yaml

@@ -0,0 +1,13 @@
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: speaker
+  namespace: metallb-system
+spec:
+  template:
+    spec:
+      tolerations:
+      - key: "type"
+        operator: "Equal"
+        value: "services"
+        effect: "NoSchedule"

environments/prod/kustomization.yaml

@@ -1,10 +1,19 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 
+  # MetalLB configuration
+  # Miscellanous basic configuration
+  # NFS client configuration
+  # Longhorn installation and configuration
+  # SOPS operator for secret management on the fly
+  # Traefik configuration
+  # Argo installation and configuration
 resources:
-  - https://raw.githubusercontent.com/metallb/metallb/v0.13.7/config/manifests/metallb-native.yaml
-  - ../../metallb
-  - ../../res
-  - https://raw.githubusercontent.com/longhorn/longhorn/master/deploy/longhorn.yaml
-  - ../../longhorn
-  - ../../traefik
+- ../../metallb
+- ../../res
+- ../../longhorn
+- ../../sops-operator
+#- ../../traefik
+- ../../cert-manager
+- ../../argo
+#- ../../calico